Bump symfony/symfony from 3.3.0 to 3.4.35

[dependabot[bot]]

Bumps symfony/symfony from 3.3.0 to 3.4.35.

Release notes

Sourced from symfony/symfony's releases.

v3.4.35

Changelog (since https://github.com/symfony/symfony/compare/v3.4.34...v3.4.35)

• bug #34344 [Console] Constant STDOUT might be undefined (@​nicolas-grekas)
• security #cve-2019-18889 [Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances (@​nicolas-grekas)
• security #cve-2019-18888 [HttpFoundation] fix guessing mime-types of files with leading dash (@​nicolas-grekas)
• security #cve-2019-18887 [HttpKernel] Use constant time comparison in UriSigner (@​stof)

[PR] symfony/symfony#34350 [SECURITY] Security release

v3.4.34

Changelog (since https://github.com/symfony/symfony/compare/v3.4.33...v3.4.34)

• bug #34297 [DI] fix locators with numeric keys (@​nicolas-grekas)
• bug #34282 [DI] Dont cache classes with missing parents (@​nicolas-grekas)
• bug #34181 [Stopwatch] Fixed bug in getDuration when counting multiple ongoing periods (@​TimoBakx)
• bug #34179 [Stopwatch] Fixed a bug in StopwatchEvent::getStartTime (@​TimoBakx)
• bug #34203 [FrameworkBundle] [HttpKernel] fixed correct EOL and EOM month (@​erics86)

[PR] symfony/symfony#34322

v3.4.33

Changelog (since https://github.com/symfony/symfony/compare/v3.4.32...v3.4.33)

• bug #33998 [Config] Disable default alphabet sorting in glob function due of unstable sort (@​hurricane-voronin)
• bug #34144 [Serializer] Improve messages for unexpected resources values (@​fancyweb)
• bug #34080 [SecurityBundle] correct types for default arguments for firewall configs (@​shieldo)
• bug #33999 [Form] Make sure to collect child forms created on *_SET_DATA events (@​yceruto)
• bug #34021 [TwigBridge] do not render errors for checkboxes twice (@​xabbuh)
• bug #34041 [HttpKernel] fix wrong removal of the just generated container dir (@​nicolas-grekas)
• bug #34023 [Dotenv] allow LF in single-quoted strings (@​nicolas-grekas)
• bug #33818 [Yaml] Throw exception for tagged invalid inline elements (@​gharlan)
• bug #33948 [PropertyInfo] Respect property name case when guessing from public method name (@​antograssiot)
• bug #33962 [Cache] fixed TagAwareAdapter returning invalid cache (@​v-m-i)
• bug #33965 [HttpFoundation] Add plus character + to legal mime subtype (@​ilzrv)
• bug #32943 [Dotenv] search variable values in ENV first then env file (@​soufianZantar)
• bug #33943 [VarDumper] fix resetting the "bold" state in CliDumper (@​nicolas-grekas)

[PR] symfony/symfony#34208

v3.4.32

Changelog (since https://github.com/symfony/symfony/compare/v3.4.31...v3.4.32)

• bug #33834 [Validator] Fix ValidValidator group cascading usage (@​fancyweb)
• bug #33841 [VarDumper] fix dumping uninitialized SplFileInfo (@​nicolas-grekas)
• bug #33799 [Security]: Don't let falsy usernames slip through impersonation (@​j4nr6n)
• bug #33814 [HttpFoundation] Check if data passed to SessionBagProxy::initialize is an array (@​mynameisbogdan)
• bug #33805 [FrameworkBundle] Fix wrong returned status code in ConfigDebugCommand (@​jschaedl)
• bug #33781 [AnnotationCacheWarmer] add RedirectController to annotation cache (@​jenschude)

... (truncated)

Commits

• 2adc85d Merge pull request #34350 from fabpot/release-3.4.35
• 02257c8 updated VERSION for 3.4.35
• 3e25850 updated CHANGELOG for 3.4.35
• 32bde39 bug #34344 [Console] Constant STDOUT might be undefined (nicolas-grekas)
• 53dc781 minor #34340 Allow returning null from NormalizerInterface::normalize (teohha...
• bb8c82c [Console] Constant STDOUT might be undefined.
• 1c8edc5 Allow returning null from NormalizerInterface::normalize
• 4cc37df security #cve-2019-18889 [Cache] forbid serializing AbstractAdapter and TagAw...
• b21025b security #cve-2019-18888 [HttpFoundation] fix guessing mime-types of files wi...
• 0102134 security #cve-2019-18887 [HttpKernel] Use constant time comparison in UriSign...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/GoogleCloudPlatform/appengine-symfony-starter-project/network/alerts).

[dependabot[bot]]

Superseded by #32.